Code injection
The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...
CVE-2006-1695
The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...
Directory traversal
Directory traversal vulnerability in KGB Archiver before 1.1.5.22 allows remote attackers to overwrite arbitrary files while decompressing an archive, possibly due to directory traversal sequences in a filename...
CVE-2006-1611
Directory traversal vulnerability in KGB Archiver before 1.1.5.22 allows remote attackers to overwrite arbitrary files while decompressing an archive, possibly due to directory traversal sequences in a filename...
Buffer overflow
The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks...
CVE-2006-0050
snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file...
CVE-2006-0745
X.Org server xorg-server 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line optio...
DEBIAN-CVE-2006-1279
CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by (1) Driver::File, (2) Driver::dbfile, and possibly (3) Driver::sqlite...
CVE-2006-1279
CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by (1) Driver::File, (2) Driver::dbfile, and possibly (3) Driver::sqlite...
CVE-2006-1224
Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite arbitrary files via a "%2E." mixed encoding in the pg parameter...
DEBIAN-CVE-2006-0950
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." (dot dot) sequences in a filename...
CVE-2006-1063
Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox"...
DEBIAN-CVE-2006-1063
Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox"...
CVE-2005-2714
CVE-2005-2714 affects Apple Mac OS X passwd on 10.3.x before 10.3.9 and 10.4.x before 10.4.5. A local attacker can exploit a symlink to the temporary file /tmp/.pwtmp. to overwrite arbitrary files, potentially gaining elevated privileges. The iDefense advisory describes two related issues: tempor...
Directory traversal
Directory traversal vulnerability in SpeedProject Squeez 5.1, as used in (1) ZipStar 5.1 and (2) SpeedCommander 11.01.4450, allows remote attackers to overwrite arbitrary files via unspecified manipulations in a (1) JAR or (2) ZIP archive...
WinHKI 1.4/1.5/1.6 - Directory Traversal
source: https://www.securityfocus.com/bid/17153/info Reportedly, an attacker can carry out directory-traversal attacks. These issues present themselves when the application processes malformed archives. A successful attack can allow the attacker to place potentially malicious files and overwrite...